|
|
| Line 61: |
Line 61: |
| [http://wiki.mozilla.org/VE_09#VE.09.20.01 VE.09.20.01 ] | | [http://wiki.mozilla.org/VE_09#VE.09.20.01 VE.09.20.01 ] |
| || | | || |
| The module can perform the following self-tests:
| | [http://wiki.mozilla.org/Power_Up_Selftests Power-Up Selftests ] |
| * Power-up self-tests
| |
| ** Cryptographic algorithm tests: A known-answer test is conducted for all cryptographic functions (e.g., encryption, decryption, authentication and random number generation) of each Approved cryptographic algorithm implemented by the cryptographic module: RC2, RC4, DES, Triple DES, AES-128, AES-192, AES-256, MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, RSA, DSA, RNG, and ECDSA (see the [http://www.mozilla.org/projects/security/pki/nss/fips/nss-source/mozilla/security/nss/lib/softoken/fipstest.c.html power-up self-tests source code]).<div class=note>'''Note:''' Cryptographic algorithms whose outputs vary for a given set of inputs (DSA and ECDSA) are tested using a known-answer test. The message digest algorithms have independent known-answer tests.</div>
| |
| ** Software integrity test
| |
| * Conditional self-tests
| |
| ** Pair-wise consistency test (for public and private keys)
| |
| ** Continous random number generator test
| |
| | |
| These tests are mandatory for the FIPS 140-2 mode of
| |
| operation.
| |
| || Draft | | || Draft |
| |- | | |- |